Transcript

Asset Inventory CMDB Sync AppUser GuideVersion 1.1

November 14, 2019

Verity Confidential

Copyright 2019 by Qualys, Inc. All Rights Reserved.

Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks are the property of their respective owners.

Qualys, Inc.919 E Hillsdale Blvd4th FloorFoster City, CA 944041 (650) 801 6100

Table of Contents

About this guide............................................................................................... 5About Qualys ........................................................................................................................... 5Qualys Support ........................................................................................................................ 5

Welcome to Qualys Asset Inventory CMDB Sync.................................... 6Key Features............................................................................................................................. 6Pre-requisites ........................................................................................................................... 6

Get Started ........................................................................................................ 7Install the App ......................................................................................................................... 7Add API Source ........................................................................................................................ 8Create Schedules ..................................................................................................................... 9

Qualys to ServiceNow Scheduling................................................................................... 9ServiceNow to Qualys Scheduling................................................................................. 10

Update Properties .................................................................................................................. 12Customize Data List Columns.............................................................................................. 13

Syncing............................................................................................................. 14Sync Queue ............................................................................................................................ 14

Download: Qualys to ServiceNow ................................................................................. 14Upload: ServiceNow to Qualys ...................................................................................... 14

Approve Qualys Assets ......................................................................................................... 15Failed Qualys Assets ............................................................................................................. 15

Advanced Configuration.............................................................................. 16App Scheduled Jobs ............................................................................................................... 16Transform Maps .................................................................................................................... 18Identification Engine ............................................................................................................. 19

Add or Update Rules (Pre-defined Table) ..................................................................... 19Custom Table .................................................................................................................. 20

Configuration Item (CI) Class Selection .............................................................................. 22Customize Transform Maps Using CI Class................................................................. 22

Application Log ...................................................................................................................... 23

View Reports.................................................................................................. 24Customize Overview Page .................................................................................................... 26

Add a Report .................................................................................................................... 26Remove a Report ............................................................................................................. 27

Refresh Overview page.......................................................................................................... 27

Debugging and Troubleshooting............................................................... 28

3

How to debug ......................................................................................................................... 28Observed Issues ..................................................................................................................... 28Anticipated Issues ................................................................................................................. 29Common Questions............................................................................................................... 29

Field Mapping for Transform Maps ............................................................ 31

4

Qualys Asset Inventory CMDB SyncAbout this guide

5

About this guideWelcome to Qualys Cloud Platform! We’ll show you how to use the Qualys Asset Inventory CMDB Sync App to synchronize Qualys IT asset discovery and classification with the ServiceNow Configuration Management Database (CMDB) system.

About QualysQualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions. The Qualys Cloud Platform and its integrated apps help businesses simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications.

Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). For more information, please visit www.qualys.com

Qualys SupportQualys is committed to providing you with the most thorough support. Through online documentation, telephone help, and direct email support, Qualys ensures that your questions will be answered in the fastest time possible. We support you 7 days a week, 24 hours a day. Access support information at www.qualys.com/support/

6

Qualys Asset Inventory CMDB SyncWelcome to Qualys Asset Inventory CMDB Sync

Welcome to Qualys Asset Inventory CMDB SyncThe Qualys Asset Inventory CMDB Sync App (Qualys App) for Configuration Management Database (CMDB) automatically synchronizes comprehensive information about your global IT resources that are continuously monitored by Qualys Asset Inventory. This leverages Qualys’ highly distributed and scalable cloud platform, and various data collection tools, including Qualys’ groundbreaking Cloud Agents, to compile and continually update a full inventory of your IT assets everywhere: on premises, in elastic clouds and mobile endpoints.

Key Features- Asset information is automatically enriched with additional context such as lifecycle date and support stage, license category

- For assets that already exist in both, asset metadata can be synchronized

- Optionally, asset information is staged for user approval before being written to CMDB

- Support for multiple Qualys accounts/API sources

- Synchronization schedules can be configured and saved

- Preconfigured table transform maps for open ports, assets, network interfaces, software, processors and volumes

- Preconfigured reports

Pre-requisitesYou must have a valid Qualys Account subscription with API Access and access to following modules:

- Qualys Subscription with Global IT Asset Inventory (Qualys to ServiceNow Sync)

- Asset Inventory CMDB Sync enabled within your Qualys subscription (Qualys to ServiceNow Sync)

- Vulnerability Management (ServiceNow to Qualys Sync)

Qualys Asset Inventory CMDB SyncGet Started

Get StartedHere we’ll help you with the initial configuration and setup needed to get started.

Quick StepsInstall the App - You’ll get the app from the ServiceNow app store.

Add API Source- Provide the API Source details and use Test Connection to know if the connection between ServiceNow and the defined source is working fine.

Create Schedules - Provide details to create a schedule. Once a schedule is successfully created, the sync between the source and CMDB gets working as per the schedule.

Update Properties - The Properties have pre-defined values, however you can always update a property to better suit your needs.

Install the AppVisit the ServiceNow Online Store.

Search for Qualys Asset Inventory CMDB Sync App, and click Contact Seller. Your Technical Account Manager (TAM) will contact you, and then ServiceNow provisions the app into an instance of your choice. The app then appears in the “Downloads” list of your instance. Click “Install” to start using the app.

In the Search field, type Asset Inventory, and then select Qualys Asset Inventory CMDB Sync App from the left pane. After you are done, new module appears in your ServiceNow instance that looks like this:

7

Qualys Asset Inventory CMDB SyncGet Started

Add API SourceOnce you install the Qualys App, you need to add the API source. Go to Qualys Asset Inventory CMDB Sync App > Configuration > API Sources, and click New.

Enter required details to create the source:

Name - Provide a name for the API source.

POD - Click and select the valid Qualys POD.

Username and Password - Enter valid Qualys Cloud Platform credentials with API access enabled for the account on the selected POD.

Enable Qualys to ServiceNow Sync and Enable ServiceNow to Qualys Sync - Select these options to allow uninterrupted sync between Qualys and ServiceNow.

Active - Select this option to tell us the source is active and assets should be synced from the active source. In case of multiple sources, you can use this option to activate or deactivate a source.

Click Submit to create the API source.

Then, after configuring and saving the API source, choose the record you just created from the API source list, open the record and click Test Connection.

8

Qualys Asset Inventory CMDB SyncGet Started

Create SchedulesYou need to set up at least one schedule. You may eventually want many more. Once a schedule is successfully created, the sync between the source and CMDB gets working as per the defined schedule.

Qualys to ServiceNow SchedulingGo to Qualys Asset Inventory CMDB Sync App > Schedules and select “Qualys to ServiceNow” for Sync Direction.

Enter required details to configure the schedule:

Name - Provide a unique name for your schedule that helps you identify your schedule.

Active - Select to enable and activate the schedule you create. If you want to activate a schedule sometime later, you can disable this checkbox.

API Source - Select the API Source.

Sync Direction - Select Qualys to ServiceNow.

Target Transform Map - Select the custom transform map that tells us which destination table to put the assets in. Support of Configuration Item (CI) Class Selection allows you to define/customize the destination tables into which the pulled asset information should go after the assets are approved. Learn more

Download Assets Since: Define the date and time to sync assets from Qualys to ServiceNow. The schedules will download the assets after the defined time.

API Filter: Use search tokens to filter the assets as per the requirement.

Example: operatingSystem.category1:'Linux’

This token will list all the assets with the Linux operating system.

9

Qualys Asset Inventory CMDB SyncGet Started

Click here for help on using the search tokens.

Run, Starting, Repeat Interval - Tell us the frequency of the schedule to be executed. For example, you could schedule it periodically every 15 minutes.

Auto Approve - Select this to enable auto-approval of assets. This will save the effort of manually approving the assets to be staged on the production tables.

Qualys to ServiceNow Sync - Select the information we should fetch for each asset: Sync Ports Info, Sync Volumes Info, Sync Network Interfaces Info, Sync Software Info.

For initial sync from Qualys to ServiceNow, we recommend that you plan your schedules at an interval of every ten minutes.

Once you configure your selections, click Submit to create the schedule.

Note: The Meta Info fields and few other blank fields such as Last Run Timestamp, Last Fetched Host Id are populated with information only after the schedule is executed.

ServiceNow to Qualys SchedulingGo to Qualys Asset Inventory CMDB Sync App > Schedules and select “ServiceNow to Qualys” for Sync Direction.

Enter required details to configure the schedule:

Name - Provide a unique name for your schedule that helps you identify your schedule.

Active - Select to enable and activate the schedule you create. If you want to activate a schedule sometime later, you can disable this option.

API Source - Select the API source.

Sync Direction - Select ServiceNow to Qualys.

10

Qualys Asset Inventory CMDB SyncGet Started

Run - Tell us the frequency of the schedule to be executed. For example, we could configure to execute schedule only on-demand.

Tracking Method - Choose a tracking method when syncing from ServiceNow to Qualys. Choose IP, DNS, or NETBIOS tracking method.

Qualys Asset Tag or Qualys Asset Group (Optional) - Choose a Qualys Asset Tag or Qualys Asset Group. The “Qualys Asset Tag” or “Qualys Asset Group” box will assign that tag in Qualys Cloud Platform to any assets synced from ServiceNow. Note - The Asset Tags that belong to only NETWORK_RANGE type are populated. All other asset tags are ignored.

We also highly recommend you add filter conditions (at minimum IP Address) to assets to be synced. When you select a TABLE ensure that the table has a column with “ip_address” name, else the ServiceNow > Qualys sync may not function.

VM (Vulnerability Management) is enabled by default to be able to scan the assets you sync. We recommend that you do not disable this option. It is optional to enable PC (Policy Compliance).

Once you configure your selections, click Submit to create the schedule.

Note: The Meta Info fields and few other blank fields such as Last Run Timestamp are populated with information only after the schedule is executed.

11

Qualys Asset Inventory CMDB SyncGet Started

Update PropertiesThe Asset Sync Properties have pre-populated values. However, you can always change the values to suit your needs. To view the existing properties or update the values, go to Qualys Asset Inventory CMDB Sync App > Configuration > Properties.

Let’s take a look at how each property functions.

Size of Download batch - Configure two properties using this setting:

- The maximum number of assets to be fetched in a single API request call made by the scheduler.

- The maximum number of records to be fetched and processed at one go from the queue by the download processor.

Size of Upload batch - Maximum number of records to be picked by the upload processor from the queue to be uploaded to Qualys.

Max Transaction Lifetime (in minutes) - The Qualys App has time restrictions on schedule run time. Although by default the time restriction is set to 10 minutes, you can change the time restriction to any time between 10 and 60 minutes. If you configure the schedule time to 20 minutes, the schedule is stopped after 20 minutes. In such a case, next scheduled run will resume from where the earlier run was stopped.

API Timeout Setting (in milliseconds) - The wait time (in milliseconds) for the response to the API request.

How to add data in CMDB - Choose a method to insert the data in CMDB:

- Transform Maps. Allows you to use single or multiple attributes but only single condition to define which assets to add/update to the CI records. Learn more

- Identification Engine. Allows you to use single or multiple attributes along with multiple conditions to define which assets to add/update to the CI records. Learn more

12

Qualys Asset Inventory CMDB SyncGet Started

Customize Data List ColumnsWe display few columns in the data lists. You can customize which columns appear and change the column sequence. We’ll show you an example for adding the column “Qualys Asset Group” to data lists.

1) Click the icon in the main pane. The Personalize List Columns pop-up appears.

2) The Available list includes columns that are currently hidden. From this list, select the column you want to display. For example, double-click the column “Qualys Asset Group” and you’ll see it moved to the Selected list.

3) Enable or disable other settings like Wrap column text, double click to edit, and so on.

4) Click OK.

You’ll start seeing the Qualys Asset Group column. We display values in this column when the tag is present in the XML. If for some interfaces, the Qualys Asset Group is not available (XML does not contain it OR it’s empty), the value in the column will be empty.

13

Qualys Asset Inventory CMDB SyncSyncing

SyncingStart syncing your asset information between Qualys and ServiceNow CMDB.

In SummarySync Queue: This is where you’ll see all jobs involved during the flow of assets between Qualys and ServiceNow.

Approve Qualys Assets: This is where you’ll see assets that need manual approval when auto-approval is not enabled.

Failed Qualys Assets: This is where you’ll see assets that failed to get transformed.

Sync QueueThe Sync Queue lists jobs of two types: Upload and Download. The Type column indicates the direction of the flow of assets.

Download: Qualys to ServiceNowThis shows the list of jobs run from Qualys to ServiceNow assets. The status indicates whether the application was able to parse the XML response successfully. The XML that was transferred is also available here (usually attached as response.xml).

Upload: ServiceNow to QualysThis is the list of assets to be synced from ServiceNow to Qualys Cloud Platform. Defining IP along with Asset Tag or Asset Group in Schedules will add two entries for an asset during upload: one for IP address and one for Asset Tag or Asset Group.

14

Qualys Asset Inventory CMDB SyncSyncing

Approve Qualys AssetsAssets imported from Qualys to ServiceNow will appear here for approval after successful processing in Sync Queue. If processing fails for any record in Sync Queue (status = Error), none of the host assets in that XML will be visible here. You’ll need to approve each asset individually or one screen at a time. You will overwrite data in your CMDB when you approve the asset.

Save time by using auto-approvalEnabling auto-approval of assets saves you effort and time because you won’t have to manually approve each asset. If you enable auto-approval, none of the assets are displayed in the Approve Qualys Assets list.

Failed Qualys AssetsAll of the assets imported from Qualys to ServiceNow that fail to get transformed are listed in the Failed Qualys Assets list. The transformation from Qualys to ServiceNow could fail due to criteria not being matched. For example, if you define the method to add data as “Identification Engine” and there is no identifier in the app.

15

Qualys Asset Inventory CMDB SyncAdvanced Configuration

Advanced ConfigurationThe Advanced Configuration tells you about various pre-defined configurations and steps to customize them to your need. Transform Maps and Identification Engine are methods you can use to add data to your CMDB.

In Summary App Scheduled Jobs - List of all scheduled jobs. Update or change the frequency of scheduled jobs as per your needs.

Transform Maps - Use transform mapping to map source and destination fields dynamically. Use predefined Transform Maps or create your own.

Identification Engine - Use this method to define the criteria using single or multiple attributes that uniquely identify the source assets and asset information before the assets get approved and are added to the CMDB system.

Configuration Item (CI) Class Selection - Use CI Class Selection to create customized tables and associate custom tables with custom Transform Maps.

Application Log - All log entries related to the important activities in Qualys App.

App Scheduled JobsAll of the App Scheduled Jobs are listed under Advanced > App Scheduled Jobs.

16

Qualys Asset Inventory CMDB SyncAdvanced Configuration

We support the following App Scheduled Jobs. The function and frequency of execution of each job is described. However, you can always update or change the frequency of scheduled jobs as per your needs.

Auto Approval Processor - Checks the records to know which schedule does it belong to and processes it further. Only records that have auto-approval enabled are processed by the Auto Approval Processor.

Download Processor - Picks the records of type Download with Queued status from sync queue and parses the XML. The number of records to be picked in a batch is defined by the Size of Download batch setting in Properties section. Currently, we support three download processors that work in parallel to fasten the process.

Fetch Qualys Asset Groups Schedule - By default, this schedule is executed once daily. Once executed, it syncs all of the Asset Groups in Qualys Cloud Platform for use within the App. You may run this more than once a day if you generate Asset Groups in Qualys Cloud Platform frequently.

Fetch Qualys Asset Tags Schedule - By default, this schedule is executed once daily. Once executed, it syncs all of the Asset Tags in Qualys Cloud Platform for use within the App. You may run this more than once a day if you generate Asset Tags in Qualys Cloud Platform frequently.

Qualys Sync Queue Cleanup Job - Clears the Sync Queue records with 'SUCCESS' status (older than 30 days) and records with 'ERROR' status (older than 60 days) on daily schedule.

Qualys Terminate Schedule Logs - Maintains a log of the transactions that are terminated due to exceeding the time required to execute the transaction.

Uploader - Picks the records of type Upload with Queued status from Sync Queue and sends it to Qualys.

17

Qualys Asset Inventory CMDB SyncAdvanced Configuration

Transform MapsA transform map is a set of field maps that determine the relationships between fields in an import set and fields in an existing ServiceNow table.

After creating a transform map, you can reuse it to map data from another import set to the same ServiceNow table. The Transform Maps module allows an administrator to define destinations for imported data on any ServiceNow table. Transform mapping can be as simple as a drag and drop operation to specify linking between source fields on an import set table and destination fields on any ServiceNow table.

Use transform mapping to map source and destination fields dynamically. You could easily use the predefined Transform Maps or create one to suit your need.

Learn morePlease refer to the ServiceNow documentation to learn more about transform maps.

Qualys Pre-defined Transform Map Type of Asset Information Affected

Qualys Asset Inventory Transform Map Assets

Qualys Asset Inventory Software Instance Map Software Instances

Qualys Asset Inventory Network Interfaces Transform Map Network Interfaces

Qualys Asset Inventory Software Transform Map Software

Qualys Asset Inventory Open Ports Transform Map Open Ports

Qualys Asset Inventory Volumes Transform Map Volume of the Asset

18

Qualys Asset Inventory CMDB SyncAdvanced Configuration

Identification EngineYou could opt to use Identification Engine instead of Transform Maps. Similar to transform maps, the identification engine helps you to decide which assets should be added to CMDB system. You can to define the criteria using single or multiple attributes that uniquely identify the source assets and asset information before the assets get approved and are added to the CMDB system.

Pre-requisites

- Identification Engine uses the “Configuration Management for Scoped Apps” plugin which must be installed before you start using it. Please refer to the ServiceNow documentation for detailed installation steps.

- Ensure that you add Qualys as Choices in the Discovery Source (column) of the Configuration Item (cmdb_ci table). Go to System Definition > Tables and search for Configuration Item table. In the table, open the Discovery Source column. Click New under Choices section and add Qualys as Label and Qualys as Value and click Submit.

Add or Update Rules (Pre-defined Table)1) Navigate to Identification/Reconciliation > CI Identifiers.

2) Search for Computer Extended Table and open the record.

19

Qualys Asset Inventory CMDB SyncAdvanced Configuration

3) Let’s add a new Identifier Entry in the table. Click New.

4) Unlock the Criterion attributes to view the list of available attributes. Let us choose IP address from the Available section and click to move it to Selected section.

You could choose multiple attributes as well. In case of multiple attributes, AND condition is applicable for attributes. For example, IP Address and MAC Address.

5) Assign a priority to the attribute.

6) Select Allow null attribute to indicate if the assets with attribute value as null should be picked or not.

7) Click Submit.

Custom TableIf you are using a new custom table, then along with above mentioned steps, you also need to do the following:

Note: The following steps along with the script works only if you have selected Identification Engine for Add data in CMDB property. If you have opted for Transform Map, refer to the script in Transform Maps section.

Create custom Transform Map1) Navigate to Qualys Asset Inventory CMDB Sync App > Transform Map and click New. Change the scope to Qualys App.

2) Provide a name for your transform map.

20

Qualys Asset Inventory CMDB SyncAdvanced Configuration

3) Select Source table and select Target table.

4) Click Submit and then open the newly created Transform Map.

5) Click New Field Map.

6) Ensure that you select source field and target field and click Submit.

7) Click New Transform script.

8) Choose OnBefore for When field and paste the following script:

(function runTransformScript(source, map, log, target /*undefined onStart*/ ) {

if (source.target_table_name != "x_qual5_itam_app_computers_extended"){ ignore = true; return; } var obj = new x_qual5_itam_app.ApproveAssets();var transferDataType = gs.getProperty('x_qual5_itam_app.tranform_data_type'); try{ if(transferDataType != "Transform map"){ ignore = true; var payload = obj.generatePayload(map,source); var jsonUntil = new global.JSON(); var input = jsonUntil.encode(payload); var output = sn_cmdb.IdentificationEngine.createOrUpdateCI('Qualys', input); obj.processQualysAsset(source,output);// Update Qualys Asset Table. }else{ ignore = false; } }catch(e){ log.error("Error while transforming Asset("+source.qualys_asset_id+"). Error -"+e); }})(source, map, log, target);

Where x_qual5_itam_app_computers_extended is the name of the target table. The script ensures that if the name of the target table matches, only then the asset data is inserted in the specified target table. Else, the data is ignored. This way, you can create destination table depending on your need and insert the required data in it.

Where x_qual5_itam_app.tranform_data_type: the settings in properties that indicates the data transfer is through transform map or identification engine.

9) Click Submit. You can now change the scope of the app back to Global.

21

Qualys Asset Inventory CMDB SyncAdvanced Configuration

Configuration Item (CI) Class SelectionDefine/customize the destination tables into which the pulled asset information should go after the assets are approved.

Easily create customized tables and associate custom tables with custom transform map. You can create separate transform map for each different destination table and then create a schedule for each transform map.

Let us consider an example where a company has a total of 100 assets. Among the 100 assets, 70 assets belong to Windows OS and the other 30 belong to Linux OS. The Transform Maps module enables an administrator to define destinations for imported data on any ServiceNow table. Using CI Class, you can easily achieve this.

Customize Transform Maps Using CI ClassThe following steps along with the script work only if you have selected “Transform Map” for the “Add data in CMDB” property. If you have opted for Identification Engine, refer to the script in the Identification Engine section.

Step 1: Create your own custom tables1) Go to System Definition > Tables and click New.

2) Ensure that you select Configuration Item (name=cmdb_ci) table in Extends table field.

3) Create custom columns as per your need.

4) Clear the Create Module check box.

5) Click Submit.

Step 2: Create custom Transform Map1) Go to Qualys Asset Inventory CMDB Sync App > Transform Map, and click New. Change the scope to Qualys App.

2) Provide a name for your transform map.

3) Select Source table and select Target table.

4) Click Submit and then open the newly create Transform Map.

5) Click New Field Map.

6) Ensure that you select source field and target field and click Submit.

7) Click New Transform script.

8) Choose OnBefore for When field and paste the following script:

if (source.target_table_name != "x_qual5_itam_app_computers_extended"){ ignore = true; return; }

22

Qualys Asset Inventory CMDB SyncAdvanced Configuration

Where x_qual5_itam_app_computers_extended is the name of the target table. The script ensures that if the name of the target table matches, only then the asset data is inserted in the specified target table. Else, the data is ignored. This way, you can create destination table depending on your need and insert the required data in it.

9) Click Submit.

Step 3: Create custom schedule

Create a new custom schedule and ensure that you associate the customized transform map you created to Target Transform Map field.

Step 4: Update report configurationYou need to configure report settings to pick data from the customized destination table you create to avoid data mismatch.

Application LogLog entries are listed under Advanced > Application Logs.

Logged activities include:

- API Response. For example, when you click Test Connection and if the account does not have access to Global IT Asset Inventory module.

- Schedule Lifecycle (Start, Run, and Finish)

- Lifecycle of Download Processor and Upload Processor (Start, Run, and Finish)

- Transform Type being used (Transform Map or Identification Engine)

- Asset Approval type (Manual or Auto Approval)

- Fetching Asset Tags and Asset Groups

23

Qualys Asset Inventory CMDB SyncView Reports

View ReportsGo to Qualys Asset Inventory CMDB Sync App > Overview. The Overview page displays a consolidated view of all the reports. If you view this page before syncing the assets, it may display all values as zero.

Note: The Reports option from version 1.0 is now merged in the Overview option. Thus, you will no longer see the Reports option in the menu.

When the Overview page is launched for the first time, you see a list of 10 default reports. However, the reports can be customized based on your preference. For more information, see, Customize Overview Page.

Types of reports that you can configure:

Report Name Description

Qualys Assets Reports

Approved Qualys Assets The Approved Qualys Assets report lists the assets auto/manually approved. This number is listed on the production table.

Asset Categories The Asset Categories report gives a clear picture of the various types of assets across your organization. The chart is a diagrammatic representation of the asset categories. Click the bar to view additional details about the respective asset category.

End of Life Operating Systems

The End of Life (EOL) Operating Systems report gives a clear picture of the various types of operating systems with the end of life across your organization. The chart is a diagrammatic representation of the operating systems. Click the bar to view additional details about the respective operating system.

Failed Qualys Assets The Failed Qualys Assets lists the number of assets that are not transformed into the CMDB table.

24

Qualys Asset Inventory CMDB SyncView Reports

Hardware Manufacturers The Hardware Manufacturers report gives a clear picture of the various manufacturers of hardware across your organization. The chart is a diagrammatic representation of the hardware manufacturers. Click the slice to view additional details about the respective manufacturer.

OS Distribution The OS Distribution report gives a clear picture of the operating systems installed on the assets across your organization. The chart is a diagrammatic representation of the operating systems. Click the slice to view additional details about the respective operative system.

Pending Qualys Assets The Pending Qualys Assets report lists the assets which are not approved.

Synced Qualys Assets The Synced Qualys Assets report lists the assets synced from Qualys to ServiceNow.

Software Report

Application Categories The Application Categories report gives a clear picture of the various types of applications installed on the assets across your organization. The chart is a diagrammatic representation of the various applications. Click the bar to view additional details about the respective application category.

Application Publishers The Application Publishers report gives a clear picture of the various publishers of the application installed on assets across your organization. The chart is a diagrammatic representation of the publishers. Click the bar to view additional details about the respective publisher.

Database Distribution The Database Distribution report gives a clear picture of the various types of the database used across your organization. The chart is a diagrammatic representation of the database distribution. Click the bar to view additional details about the respective database type.

End of Life Application The End of Life (EOL) Application report gives a clear picture of the various types of applications with end of life across your organization. The chart is a diagrammatic representation of the Application. Click the bar to view additional details about the respective operating system.

Software Distribution The Software Distribution report gives a clear picture of the various types of software used across your organization. The chart is a diagrammatic representation of the software distribution. Click the bar to view additional details about the respective database type.

Software Lifecycle Stage The Software Lifecycle Stage report lists the lifecycle stages of applications. Example: GA, EOL/EOS.

Report Name Description

25

Qualys Asset Inventory CMDB SyncView Reports

Customize Overview PageYou can add or remove the reports from the Overview page.

Add a ReportClick on Add content, the Add content pop-up appears. Select one of the following options to add reports:

-To add Qualys Assets reports: Select Reports from the first column, Qualys Assets from the second column and in the third column, select the required report from the displayed list.

-To add Software reports: Select Reports from the first column, Staging Master Software from the second column and in the third column, select the required report from the displayed list.

Once you select the required report, click one of the Add here options. The 10 Add here options indicate different locations where you can add the report on the Overview page.

26

Qualys Asset Inventory CMDB SyncView Reports

Remove a Report To remove a report from the overview page, click on the close option. Once you delete the report, you cannot undo the process. To add the same report again, see Add a Report.

Refresh Overview pageTo refresh all the reports on the Overview page at a fixed interval, click on the Homepage Settings icon and select the required Refresh interval.

27

Qualys Asset Inventory CMDB SyncDebugging and Troubleshooting

Debugging and TroubleshootingHere are scenarios that will help you debug certain common issues.

How to debugIn case of any unexpected application behavior one should check the application logs.

The application log has four different levels of logging: Information, Error, Warning, Debug

The application writes log entries after important transitions. For example, Schedule run, on click of test connection to API Server ['Qualys Qualys Asset Inventory CMDB Sync App > Advanced > Application Log]

Observed IssuesScenario: Sometimes clicking on 'Test Connection” gives 'error' response to user.Workaround: Check the error message.

- Try to repeat the ‘Test Connection’ a couple more times (if all input parameters are correct then ‘success’ message will be displayed)

- One can get the error message under ‘Schedule Logs’ for related entries in schedule record

- If no valid error is displayed (i.e. you are sure that the credentials are correct but API reported “unauthorized”), try again after some time. If error persists, contact Qualys Support

Scenario: When Download processor takes too much time to process

Workaround: Go to Properties and lower the Size of Download batch.

Scenario: Download Processor failed to process Sync Queue record(s)Workaround: This may leave the corresponding Sync Queue entry in ‘Error’ state and the error details can be verified from ‘Processing Notes/Message’

User should manually change the status back to

- ‘Queued’, and reset the 'Processor GUID' if he/she wants to process that response again.

If you reprocess any response, it will not lead to duplicate data, as application checks whether the record already exists in staging tables before inserting.

- 'Error’, if he/she does not want to process it again.

Scenario: Exception while approving the assets, when you have multiple CI Rules setup with the same priority

In this case, the asset fails to approve. The application log will display the following error:

Error while transforming asset(asset id). Error -java.lang.NullPointerException

28

Qualys Asset Inventory CMDB SyncDebugging and Troubleshooting

Workaround: Ensure you do not have multiple CI rules with the same priority and have expected order defined.

Scenario: Failed to approve asset using Identification Engine/Invalid UpdateThis error is displayed when the application finds some error with Identification and Reconciliation APIs.

To verify the issue, you can to navigate to Failed Qualys Assets > Open the asset record and see the Notes section. This section contains the detailed error response, as received from Identification and Reconciliation API.

Scenario: Sometimes it is observed that ‘approving’ manually multiple assets gives ‘Transaction Timeout’ by ServiceNow

Workaround:

- In such case there is no data loss observed in asset transformation

- To overcome transaction timeout error, it is recommended to use ‘Auto Approval’ in schedule

Anticipated Issues- Parallel execution of two schedules for two different CI Classes may insert records in both the custom CI tables. Hence it is recommended to run each schedule independently created for each CI Class.

- It is quite frequent to have error in opening/viewing attached ‘response.xml’ from sync queue records. Those response.xmls are considered as incomplete.

List of expected failure modes

- Qualys API server is undergoing maintenance/downtime

- Qualys subscription expired

- User credentials used are incorrect

- User credentials are correct, but user has no Qualys App subscription from Qualys

Common QuestionsDo you currently support the Identification and Reconciliation API for CMDB CRUD actions?Yes, Qualys App supports Identification and Reconciliation APIs. The goal of this API is to maintain the integrity of the database, and to correctly identify CIs so that new records are created only if CI is truly new to CMDB. See CMDB Identification and Reconciliation

You can change how to add data in CMDB from default Transform Map to Identification Engine from Properties page. You also need to create CI Identifier Rule for Target table.

29

Qualys Asset Inventory CMDB SyncDebugging and Troubleshooting

What are the Target tables and which tables being considered for comparison delta?

The records are primarily compared and updated/created on x_qual5_itam_app_computers_extended table which is extended from cmdb_ci_computer table. However, if user wants to use any other table, they can easily update the transform map to work with some other table of their choice.

Can user add data to ServiceNow app from different Qualys servers?

Yes, user can add asset data from different Qualys PODs. User needs to create different API Sources and Schedules as per Qualys servers.

What are Upload and Download type records in Queue?It can be easily differentiated by Type field available in the table. For Downloading data to ServiceNow app (i.e syncing assets from Qualys to ServiceNow) Type will be Download. For Uploading data to Qualys (Syncing assets from ServiceNow to Qualys servers) Type will be Upload.

Where can I find Assets which failed to transform in ServiceNow table?

You’ll find these assets in Failed Qualys Assets. Users can then approve these assets again.

Why do I view timestamps in GMT for schedules despite configuring a different timezone?

In the schedule scripts, we use ServiceNow’s new GlideDateTime().getDisplayValueInternal(); function to update the schedule last_run_timestamp. When this object is directly instantiated and used (e.g. in scoped application background script), it returns time in GMT, irrespective of the timezone configured for user under whom this script runs. That’s how it is designed.

Also, since ServiceNow does not allow scoped applications to set the timezone, the app cannot do that on behalf of the user who created the schedule. However, the time value you see on the UI is shown in the user set timezone - even if you set GMT date-time in this column. When the schedule runs next time, it fetches value in GMT, and not the one you see on UI. That may lead to confusion, and log entries show time in GMT, for this reason we recommend that the ServiceNow user sets his or her time to GMT.

The Schedules I defined pulled the data accurately till yesterday. But, today, the same schedule is unable to fetch any assets or related data.

Check your application logs. The reason the schedules are unable to fetch assets is because either your trial period or your subscription has expired. Contact your TAM to extend your subscription. Once you have an active subscription, you need to activate your API Source and the schedules will fetch the assets.

If an asset is purged from Qualys, what will its status be in ServiceNow CMDB?

The asset purged from Qualys will not automatically be purged in ServiceNow CMDB. The asset must be manually purged from ServiceNow.

30

Qualys Asset Inventory CMDB SyncField Mapping for Transform Maps

Field Mapping for Transform MapsQualys Asset Inventory Asset Transform Map

Source TargetImport Assets(x_qual5_itam_app_import_assets)

Computer Extended(x_qual5_itam_app_computers_extended)

CPU Count(asset_cpucount) CPU Count(asset_cpucount)

Asset Last Logged On User(asset_lastloggedonuser)

Asset Last Logged On User(asset_lastloggedonuser)

Asset Most Frequent User(asset_mostfrequentuser)

Asset Most Frequent User(asset_mostfrequentuser)

Asset UUID(asset_uuid) Asset UUID(asset_uuid)

BIOS Asset Tag(bios_asset_tag) BIOS Asset Tag(bios_asset_tag)

BIOS Description(bios_description) BIOS Description(bios_description)

BIOS Serial Number(bios_serial_number) BIOS Serial Number(bios_serial_number)

DNS Hostname(dns_hostname) DNS Hostname(dns_hostname)

Hardware category(hardware_category) Hardware category(hardware_category)

Hardware category 1(hardware_category_1) Hardware category 1(hardware_category_1)

Hardware category 2(hardware_category_2) Hardware category 2(hardware_category_2)

Hardware Full Name(hardware_full_name) Hardware Full Name(hardware_full_name)

Hardware Lifecycle Confidence (hardware_lifecycle_confidence)

Hardware Lifecycle Confidence (hardware_lifecycle_confidence)

Hardware Lifecycle EOS Date (hardware_lifecycle_eos_date)

Hardware Lifecycle EOS Date (hardware_lifecycle_eos_date)

Hardware lifecycle GA (hardware_lifecycle_ga) Hardware lifecycle GA (hardware_lifecycle_ga)

Hardware lifecycle GA (hardware_lifecycle_ga) Hardware lifecycle GA (hardware_lifecycle_ga)

Hardware Lifecycle Intro Date (hardware_lifecycle_intro_date)

Hardware Lifecycle Intro Date (hardware_lifecycle_intro_date)

Hardware Lifecycle Obsolete Date (hardware_lifecycle_obsolete_date)

Hardware Lifecycle Obsolete Date (hardware_lifecycle_obsolete_date)

Hardware lifecycle Stage (hardware_lifecycle_stage)

Hardware lifecycle Stage (hardware_lifecycle_stage)

Hardware Product (hardware_product) Hardware Product (hardware_product)

Hardware Serial Number (hardware_serial_number)

Hardware Serial Number (hardware_serial_number)

IP Address (ip_address) IP Address (ip_address)

Last boot (last_boot) Last boot (last_boot)

Last Modified Date (last_modified_date) Last Modified Date (last_modified_date)

31

Qualys Asset Inventory CMDB SyncField Mapping for Transform Maps

Hardware Manufacturer (manufacturer) Hardware Manufacturer (hardware_manufacturer)

Memory (memory) Memory (memory)

Hardware Model (model) Hardware Model (model)

Name (name) Name (name)

NetBIOS name (netbios_name) NetBIOS name (netbios_name)

Os Architecture (os_architecture) Os Architecture (os_architecture)

Os Category (os_category) Os Category (os_category)

Os Category 1 (os_category_1) Os Category 1 (os_category_1)

Os Category 2 (os_category_2) Os Category 2 (os_category_2)

Os Category Type (os_category_type) Os Category Type (os_category_type)

Os Edition (os_edition) Os Edition (os_edition)

Os Full Name (os_full_name) Os Full Name (os_full_name)

Os Lifecycle Confidence (os_lifecycle_confidence)

Os Lifecycle Confidence (os_lifecycle_confidence)

Os Lifecycle EOL Date (os_lifecycle_eol_date) Os Lifecycle EOL Date (os_lifecycle_eol_date)

Os Lifecycle EOL Support Stage (os_lifecycle_eol_support_stage)

Os Lifecycle EOL Support Stage (os_lifecycle_eol_support_stage)

Os Lifecycle EOS Date (os_lifecycle_eos_date) Os Lifecycle EOS Date (os_lifecycle_eos_date)

Os Lifecycle EOS Support Stage (os_lifecycle_eos_support_stage)

Os Lifecycle EOS Support Stage (os_lifecycle_eos_support_stage)

Os lifecycle ga (os_lifecycle_ga) Os lifecycle ga (os_lifecycle_ga)

Os Lifecycle Stage (os_lifecycle_stage) Os Lifecycle Stage (os_lifecycle_stage)

Os Market Version (os_market_version) Os Market Version (os_market_version)

Os Name (os_name) Os Name (os_name)

OS Product Name (os_product_name) OS Product Name (os_product_name)

Os Publisher (os_publisher) Os Publisher (os_publisher)

Os update (os_update) Os update (os_update)

Os Version (os_version) Os Version (os_version)

Processor CPU Counts (processor_cpu_counts) Processor CPU Counts (processor_cpu_counts)

Processor Description (processor_description) Processor Description (processor_description)

Processor speed (processor_speed) Processor speed(processor_speed)

(qualys_asset_id) Qualys Asset Id(qualys_asset_id)

QWEB Host Id(qweb_host_id) QWEB Host Id(qweb_host_id)

Time Zone(timezone) Time Zone(timezone)

Type(type) Type(type)

32

Qualys Asset Inventory CMDB SyncField Mapping for Transform Maps

2.  Qualys Asset Inventory Network Interfaces Transform Map

3. Qualys Asset Inventory Open Ports Transform Map

4. Qualys Asset Inventory Volumes Transform Map 

5. Qualys Asset Inventory Software Transform Map (Master Software)

Source TargetImport Network Interfaces(x_qual5_itam_ap-p_import_network_interfaces)

Network Adapter (cmdb_ci_network_adapter)

Address (address) IP Address (ip_address)

Hostname (hostname) Fully qualified domain name (fqdn)

Interface Name (interface_name) Name (name)

MAC Address (mac_address) MAC Address (mac_address)

Type (type) Category (category)

CMDB table sys id (cmdb_table_sys_id) Configuration Item (cmdb_ci)

Source TargetImport Open Ports (x_qual5_itam_app_im-port_open_ports)

Asset Open ports (x_qual5_itam_app_open_ports)

Description (description) Description (description)

Detected Service (detected_service) Detected Service (detected_service)

Port (port) Port (port)

Protocol (protocol) Protocol(protocol)

CMDB table sys id (cmdb_table_sys_id) CI Sys Id (ci_sys_id)

Source TargetImport Volumes (x_qual5_itam_app_import_vol-umes)

File System (cmdb_ci_file_system)

Name (name) Name (name)

Free size (free_size) Free space bytes (free_space_bytes)

Total Size (total_size) Size bytes (size_bytes)

CMDB table sys id (cmdb_table_sys_id) Provided by (provided_by)

Source TargetImport Volumes (x_qual5_itam_app_import_vol-umes)

Software Extended (x_qual5_itam_app_soft-ware_extended)

Architecture (architecture) Architecture (architecture)

Category (category) Qualys Software Category (qualys_software_category)

Category 1 (category_1) Category 1 (category_1)

33

Qualys Asset Inventory CMDB SyncField Mapping for Transform Maps

6. Qualys Asset Inventory Software Instance Transform Map (Mapping Software) - 

Category 2 (category_2) Category 2 (category_2)

Category Type (category_type) Category Type (category_type)

Component (component) Component (component)

Edition (edition) Edition (edition)

Is Ignored (is_ignored) Is Ignored (is_ignored)

Is Ignored Reason (is_ignored_reason) Is Ignored Reason (is_ignored_reason)

Language (language) Language(language)

License Category (license_category) License Category (license_category)

Lifecycle GA (lifecycle_ga) Lifecycle GA (lifecycle_ga)

Lifecycle Stage (lifecycle_stage) Lifecycle Stage (lifecycle_stage)

Market Version (market_version) Market Version (market_version)

Name (name) Name (name)

Product (product) Product (product)

Publisher(publisher) Publisher (publisher)

Lifecycle Confidence (software_lifecycle_confidence)

Lifecycle Confidence (software_lifecycle_confidence)

Software Lifecycle EOL Date (software_lifecycle_eol_date)

Lifecycle EOL Date (software_lifecycle_eol_date)

Software Lifecycle EOL Support Stage(software_lifecycle_eol_support_stage)

Lifecycle EOL Support Stage (software_lifecycle_eol_support_stage)

Software Lifecycle EOS Date (software_lifecycle_eos_date)

Lifecycle EOS Date (software_lifecycle_eos_date)

Software Lifecycle EOS Support Stage (software_lifecycle_eos_support_stage)

Lifecycle EOS Support Stage (software_lifecycle_eos_support_stage)

Type (type) Type (type)

Update (update) Update (update)

Version (version) Version (version)

Source TargetImport Software Instance (x_qual5_itam_app_im-port_software_instance)

Software Instance (cmdb_software_instance)

Install Date (install_date) Install date (install_date)

CMDB software sys id (cmdb_software_sys_id) Product Name (software)

CMDB table sys id (cmdb_table_sys_id) Installed on (installed_on)

34


Recommended